Be Careful What You Browse From Home (It’s About To Be Up For Sale)

There has long been advised that using things like Incognito Mode and clearing your cookies and opting out of advertising preferences will help keep your browsing information disassociated from your identity, and to some extent this wisdom has been true – as nothing is foolproof, it is not possible to be completely de-personalised when using the Internet, but putting roadblocks up when possible makes the data incomplete and less useful.

Add to this a move by the FCC in October 2016 to adopt the Broadband Privacy Rule, a consumer-minded way to ensure that the most sensitive activities you undertake on your home broadband are able to be protected from the vacuum that sucks in all possible data in order to sell you more crap (or adapt what you think and feel on a political topic). This is about to change, if the new FCC has it’s way. Ajit Pai, the new chairman of the FCC has been vocal in his distaste for such privacy measures, as he believes that the path to happiness goes through businesses and not consumers protection.

Unless you use a reputable VPN all the time, everything you and your family browse or download via your broadband connection is subject to being sold to advertisers or anyone who will pay for it. This includes all web sites, all files, all images, even those that you try to keep from Google or other search services via incognito mode or clearing cookies. Your Internet Service Provider has access to everything you do with your Internet connection, and the rollback of the Broadband Privacy Rule will mean that they can, and likely will sell it or use it to milk more money out of you to keep it from being sold.

There certainly is not explicit opt-in, and opting-out will cost you (a lot). As we saw with AT&T’s illustrious GigaPower service, the service as advertised included the poorly and deceptively-named Internet Preferences which gave AT&T the right to sell your usage data. In order to keep your data from being sold, AT&T squeezed up to $792/year from you to opt-out of the service, and they didn’t make it easy to do so. Upon becoming aware of the Broadband Privacy Rule’s imminence, AT&T decided to end the programme altogether.

HTTPS is not enough in this case. HTTPS protects the information inside the packet, but the URL and metadata still tells a lot about the sites you go to, the things you search for when you are there, the topics that interest you and the people you follow. The URL’s have such info in them and HTTPS does not obfuscate them in any way from being collected by ISPs. For example, my twitter URL is https://twitter.com/buddhake and if you click on it, your ISP will know that you went to my Twitter regardless of the fact that the content sent to you was encrypted between Twitter and your web browser. URL’s house much information that is useful to those buying data.

[UPDATE 1 February 2017 18:31EDT : Comcast has announced this evening that they will charge for access to their application when used from a Roku. Due to the lack of rule requiring this to be free, Comcast, of course, will charge.]

It is not that I am against personalisation, because I am not; I believe that consumers have become very used to and rely upon a certain level of knowledge by service providers to get users closer to the information they seek by using info already stored, however the de facto collection and use without transparency of what is collected, what it is used for and with whom it is shared, and without an easy means of opt-out, and/or exorbitant fees making privacy only available to the wealthy is reprehensible. It is the role of government to protect its citizens, and in this case the changes forthcoming from the FCC are going to enable those citizens to be further exploited without reasonable means to opt-out.